Kevin Cahill at Dechert LLP

Newsflash: CCPA Regulations are Finalized and Approved with a Few Notable Changes

The California Attorney General announced on August 14, 2020 that the final regulations (Final Regulations) under the California Consumer Privacy Act (CCPA) had been approved by the California Office of Administrative Law (CA...more

8/25/2020 / California Consumer Privacy Act (CCPA) , Compliance , Consent , Consumer Privacy Rights , Disclosure Requirements , Final Rules , Misuse of Information , Notice Requirements , Office of Administrative Law , Opt-Outs , Personal Information , State Attorneys General , Transparency , Websites

OCIE Cyber Risk Alert Identifies Increase in Sophistication of Ransomware Attacks on SEC Registrants

The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a cybersecurity risk alert on July 10, 2020 regarding ransomware (Alert). In the Alert, OCIE described “recent reports”...more

7/27/2020 / Cyber Attacks , Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) , Incident Response Plans , Malware , OCIE , Phishing Scams , Publicly-Traded Companies , Ransomware , Registration , Risk Alert , Securities , Securities and Exchange Commission (SEC) , Training Requirements

State Attorney General Proposes Final Regulations in Connection with California Consumer Protection Act

The California Attorney General’s Office (California AG) submitted final proposed regulations (Regulations) under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (CA OAL) on June 1,...more

6/24/2020 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Office of Administrative Law Judges (OALJ) , Personal Data , Personally Identifiable Information , Privacy Laws , State and Local Government , State Attorneys General

2020/02/13 OCIE Releases 2020 Cybersecurity Observations

The Office of Compliance Inspections and Examinations of the Securities and Exchange Commission released cybersecurity and resiliency-related examination observations on January 27, 2020, based on “thousands of examinations...more

2/14/2020 / Broker-Dealer , Clearing Agencies , Corporate Governance , Cybersecurity , Data Loss Prevention , Incident Response Plans , Investment Adviser , OCIE , Privacy Policy , Publicly-Traded Companies , Risk Assessment , Risk Management , Securities and Exchange Commission (SEC) , Stock Exchange , Vendors

Newsflash: OCIE Risk Alert Identifies Reg. S-P Compliance Issues

The Staff of the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission released a Risk Alert on April 16, 2019, which identifies significant Regulation S-P (Reg. S-P)1...more

4/23/2019 / Broker-Dealer , Compliance , Cybersecurity , Employee Training , Investor Protection , OCIE , Opt-Outs , Personally Identifiable Information , Policies and Procedures , Popular , Privacy Policy , Registered Investment Companies (RICs) , Regulation S-P , Risk Alert , Securities and Exchange Commission (SEC)

NFA Amends its Information System Security Program Requirements; CFTC-Registered CPOs and CTAs Need to Take Action by April 1

The National Futures Association (NFA), the self-regulatory organization of the futures and swap trading industry, announced to its membership on January 7, 2019 that it had amended its requirements for NFA Member Information...more

2/8/2019 / Amended Rules , CEOs , CFTC , Chief Information Security Officer (CISO) , Chief Technology Officer (CTO) , Commodity Pool , Commodity Trading Advisors (CTAs) , CPOs , Cybersecurity , Data Security , National Futures Association , NFA , Popular

California Consumer Privacy Act: Potential Impact and Key Takeaways

The California legislature unanimously approved and California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data...more

GDPR Compliance: 10 Steps for Global Companies

An immense volume of personal data (or personally identifiable information) is proliferating and flowing throughout the world. Personal data is an incredibly valuable asset to companies but data protection and privacy laws...more

3/13/2018 / Consent , Contract Terms , Data Controller , Data Mapping , Data Protection Officers (DPOs) , Employee Training , Employer Liability Issues , EU , EU Data Protection Laws , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , International Data Transfers , Multinationals , Notice Requirements , Personal Data , Personally Identifiable Information , Privacy Policy , Third-Party Relationships

The Good and the Bad from OCIE’s Cyber Examinations and What Firms Should Do Next

The Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a National Examination Program Risk Alert (Risk Alert) on August 7, 2017 regarding observations from...more

8/22/2017 / Best Practices , Broker-Dealer , Corporate Governance , Cybersecurity , Data Loss Prevention , Incident Response Plans , Internal Controls , Investment Adviser , Investment Companies , OCIE , Regulation S-P , Right of Access , Risk Alert , Risk Assessment , Securities and Exchange Commission (SEC) , Training Requirements , Vendors

OCIE Publishes Risk Alert In Response to WannaCry Ransomware

The Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) issued a National Exam Program Risk Alert (Risk Alert) on May 17, 2017 in response to “WannaCry,” the ongoing...more

5/22/2017 / Broker-Dealer , Cyber Attacks , Cybersecurity , Department of Homeland Security (DHS) , Financial Industry Regulatory Authority (FINRA) , Investment Adviser , Microsoft , OCIE , Popular , Ransomware , Risk Alert , Risk Assessment , Risk Mitigation , Securities and Exchange Commission (SEC)

Kevin Cahill

Dechert LLP

Popular Topics by This Author

Latest Publications